Is cybersecurity our new national nightmare–and opportunity?
All signs point to yes on both counts. First the nightmare: there has been a flood of reporting on cybersecurity concerns and recent ransomware attacks in the U.S. Corporations are alarmed and rushing to shore up or enhance their cybersecurity systems and protocols. A June 3, 2021 New York Times article warned of the extreme urgency for corporations to drastically increase cybersecurity measures, following a “bluntly worded open letter” from the White House. The letter “urged them to take many of the defensive steps that the federal government requires of its agencies and contractors.”
Just two days later, the Times published a subsequent article entitled “Are We Waiting for Everyone to Get Hacked?” This article contains a particularly striking passage: “Recorded Future, a security firm that tracks ransomware attacks, estimated that there were 65,000 successful ransomware attacks last year, or one every eight minutes. But as businesses automate their core operations, the risk of more consequential ransomware attacks only grows.” Estimates suggest that cybercrime could cost the world $10.5 trillion by 2025.
Despite the urgent need for cybersecurity workers, employers are still passing over qualified candidates for several reasons. Some professionals don’t have (and may not need) a four year degree. There are skills shortages, rapidly changing skill sets, requirement gluts, salary concerns, wildly unrealistic job postings, and lack of practical experience.
The Cybersecurity Opportunity
Now for the opportunity: A recent CNN Business report states “there's a massive, longstanding labor shortage in the cybersecurity industry…. In the United States, there are around 879,000 cybersecurity professionals in the workforce and an unfilled need for another 359,000 workers, according to a 2020 survey by (ISC)2, an international nonprofit that offers cybersecurity training and certification programs.” Job opportunities for cybersecurity professionals are skyrocketing, and workforce supply is critically low.
As of May 2021, Gray’s Job Postings data shows nearly 500,000 open cybersecurity positions. States with the highest concentration of open jobs include California, Washington, Virginia, Texas, Florida, Massachusetts and New York, but there is considerable demand in at least ten other states. Jobs range from entry-level security analysts to executive-level positions; the latter are in particular demand, as corporations become more aware of the danger, difficulty, and cost inefficiency of retrofitting cybersecurity systems.
Employment in cybersecurity has shown enormous historical growth, and projections suggest that growth will keep climbing. For example, Gray’s Job Postings data shows that jobs for information security analysts are up 103% from May 2020 to May 2021. Jobs for computer and information research scientists are up an astonishing 2,119% since May of 2020. Job postings for other occupations related to network management, systems engineering, and cybersecurity are also showing sharp increases.
Jobs Related to Cybersecurity YOY Comparison
Interest in cybersecurity programs is growing among prospective students. Gray’s Student Inquiry data indicates a surge in inquiries for programs in cybersecurity/information assurance, cyber/computer forensics and counterterrorism, and cyber/electronic operations and warfare. In January 2021, inquiries hit an all time high, 50% higher than the previous record set in August 2020.
Student Inquiries for Cybersecurity Programs by Year
Gray’s Google Keyword Search dashboard confirms students’ growing interest in the field. Year over year, keyword searches have risen every month since 2018, and growth began to accelerate last July. In the first quarter of 2021, keyword searches for cybersecurity training and cybersecurity degrees rose 19%.
Keyword Searches for Programs in Cybersecurity
Some cybersecurity education companies have responded to these issues with new strategies. In May 2021, cybersecurity education company InfoSec announced its new partnership with Coursera, with plans to bring cybersecurity training to the site’s estimated 82 million learners. In Georgia, with the help of an $8 million four-year grant from the U.S. Department of Labor, the new Cyber Center WorkForces program is focused on training transitioning military personnel, underemployed, and unemployed workers to be “career-ready." The program has training at all levels, as well as the opportunity for certification. These initiatives are just a few of the many initiatives being taken to increase the supply of cybersecurity workers and speed-up the skill development for existing workers.
Guidelines for Successful Prep
What can higher ed do to help students prepare for a successful career in cybersecurity?
- Invest in experts to teach cybersecurity–and the investment will pay off. Gray’s Academic Economics Benchmarking database shows that the contribution margin on cybersecurity programs is 56% –which is in line with the average program.
- Create programs that are more focused on practical application of skills, and more aggressive about keeping professors and learners on top of the skills needed for the rapidly changing technology and increasing sophistication of “bad actors”.
- Put a stronger focus on sending out job-ready students who are also willing and eager to continue learning on the job.
- Offer two-year programs; this approach might hasten the flow of qualified professionals into the cybersecurity workforce
Overall, institutions would be well served by an assertive, multi-faceted strategy to encourage and engage both current and prospective cybersecurity students. Cybercrime is rampant, ferocious, and growing more dangerous by the second. The clock is ticking. The time is now.